diff --git a/.github/workflows/pull-request-sast.yaml b/.github/workflows/pull-request-sast.yaml
index 6f5731f..c996386 100644
--- a/.github/workflows/pull-request-sast.yaml
+++ b/.github/workflows/pull-request-sast.yaml
@@ -20,7 +20,7 @@ jobs:
 
       # Results have to be a table as the organisation does not have Advanced Security license.
       - name: Run Trivy against Terraform
-        uses: aquasecurity/trivy-action@0.17.0
+        uses: aquasecurity/trivy-action@0.18.0
         with:
           scan-type: 'config'
           exit-code: '1'